TCP 12345

ProtocolTCP

Port12345

LabelsCube World

Synopsis

NetBus (a Windows remote-administration trojan/backdoor) uses TCP port 12345 by default for its server component; the NetBus client connects to this port to control the infected host. Because of this, port 12345 is historically associated with hacking/exploitation and is commonly flagged by security tools.

Observed activity

Last 30 days Detailed chart

More information

SANS Internet Storm Center: Port 12345